<?php 
if ($_ISA_INTEGRATE_LDAP == 1){
	include "../connect_ldap.php";
	include "../ldap_functions.php";
}	

$v_url_back = $_REQUEST['url_back'];
$v_app_code = $_REQUEST['app_code'];
$v_username = $_REQUEST['txt_usename'];
$v_password = $_REQUEST['txt_password'];
if (is_null($v_url_back)) {
	$v_url_back = "../org/index.php";
}
// Neu tich hop voi LDAP
if ($_ISA_INTEGRATE_LDAP==1){
	if (strpos($v_username,$_ISA_LDAP_USER_DN)===false){
		$v_username = $_ISA_LDAP_USERNAME_ATTRIBUTE."=" . $v_username . "," . $_ISA_LDAP_USER_DN;
	}
	$v_checklogin = LDAP_CheckLogin($v_username, $v_password);
	if ($v_checklogin){	// Dang nhap thanh cong
		$arr_staff_login = _get_staff_info_by_DN($v_username);
		//var_dump($arr_staff_login);
		if (sizeof($arr_staff_login)>0){
			$staff_id = $arr_staff_login[0];
			$user_id = $arr_staff_login[0];
			$user_name = $arr_staff_login[1];
			$is_isa_user_admin = $arr_staff_login[2];
			$is_isa_app_admin = $arr_staff_login[3];
		}else{?>
			<script>
				alert("Can phai xac dinh MOI QUAN HE giua 01 NSD trong CSDL LDAP voi 01 can bo cua ISA-USER");
				window.history.back();
			</script><?php	
			exit;	
		}	
	}else{?>
		<script>
			alert("Sai ten hoac mat khau dang nhap");
			window.history.back();
		</script><?php
		exit;	
	}
}else{
	if (_is_sqlserver()){
		$cmd = @mssql_init("USER_CheckLogin",$conn);
		@mssql_bind($cmd,"@p_username",$v_username,SQLVARCHAR);
		@mssql_bind($cmd,"@p_password",$v_password,SQLVARCHAR);
		@mssql_bind($cmd,"@p_app_code",$v_app_code,SQLVARCHAR);
		$result = @mssql_execute($cmd);
		$arr_staff_login = _get_row_to_array($result);
		@mssql_free_result($result);
	}
	if (sizeof($arr_staff_login) == 0){?>
		<script>
			alert("Sai ten hoac mat khau hoac NSD nay khong co quyen thu hien ung dung nay");
			window.history.back();
		</script><?php
		exit;
	}else{
		// Dang nhap thanh cong
		$staff_id = $arr_staff_login[0][0];
		$user_id = $arr_staff_login[0][0];
		$user_name = $arr_staff_login[0][2];
		$is_isa_user_admin = $arr_staff_login[0][3];
		$is_isa_app_admin = $arr_staff_login[0][4];
	}
}
?>
<form action="<?php echo $v_url_back;?>" name="f_back" method="post">
	<!--input type="hidden" name="fuseaction" value="DISPLAY_LOGIN"-->
	<input type="hidden" name="logon_staff_id" value="<?php echo $staff_id;?>">
	<input type="hidden" name="logon_user_id" value="<?php echo $user_id;?>">
	<input type="hidden" name="logon_user_name" value="<?php echo $user_name;?>">
	<input type="hidden" name="logon_is_isa_user_admin" value="<?php echo $is_isa_user_admin;?>">
	<input type="hidden" name="logon_is_isa_app_admin" value="<?php echo $is_isa_app_admin;?>">
	<input type="hidden" name="url_back" value="<?php echo $v_url_back;?>">
</form>		
<script language="javascript">	
	document.forms(0).submit();
</script> 
